Hello Raul,
coincidentally I worked with a e-CNPJ card yesterday. The cards comes
with a PKCS#11 library (SafeSign from A.E.T).
So, all you need is a software with PKCS#11 support.
But I don't know of any software which operates at such a low level and
gives the user a PKCS#1 result. Usually PKCS#7 is used, which contains
for example your certificate and the signature time.
PKCS#1 is only a cryptographic primitive and not very usefully without
any additional information.
Generally you could use the PKCS#11 library with Thunderbird for example
to sign your E-Mails.
In your place I would look at the requirements again.
Greetings,
Waldemar
On 17.12.2013 12:44, Raul Rosetto Munoz wrote:
I think that the Card work fine with windows,
but my problem is that I didnt find a Software that sign a file.
I just need to find a software that sign a number! (Can Be on Windows!)
"Every thing start because I need to sign my device serial number with
my smart card, in the documentation that I need to follow just say
that I need sign a number like "290953052" and after sign I need to
get an data string in base64, followed the PKCS #1 version 1.5."
And I just need to do that one time! could be any software!
If some one have any opinion for sure will help me a lot!
Thanks For all help!
On Mon, Dec 16, 2013 at 7:18 PM, Sébastien Lorquet
<sebast...@lorquet.fr <mailto:sebast...@lorquet.fr>> wrote:
Hello
there is no "generic" way to talk to a smart card.
You need to either
-get technical documentation for your card
-reverse the card protocol by looking at the exchanges between the
card and the application. That may not be sufficient if the card
uses a dynamic authentication mechanism.
before allowing the use of a private key to sign data, most card
requires a pin presentation or mutual authentication.
Best regards
Sebastien Lorquet
Le 16/12/2013 22:11, Raul Rosetto Munoz a écrit :
Hello Douglas,
I try many foruns, and all the time I get Unsupported card:
opensc-tool --reader 0 --name
Unsupported card
Do you know how to find the real type of my card?
I try pcsc_scan
But I didnt find some name that I can compare with this list:
https://github.com/OpenSC/OpenSC/wiki/Supported-hardware-%28smart-cards-and-USB-tokens%29
pcsc_scan
PC/SC device scanner
V 1.4.18 (c) 2001-2011, Ludovic Rousseau
<ludovic.rouss...@free.fr <mailto:ludovic.rouss...@free.fr>>
Compiled with PC/SC lite version: 1.7.4
Using reader plug'n play mechanism
Scanning present readers...
0: ACS ACR 38U-CCID 00 00
Mon Dec 16 19:05:21 2013
Reader 0: ACS ACR 38U-CCID 00 00
Card state: Card inserted,
ATR: 3B 7F 18 00 00 80 59 49 44 65 61 59 49 44 65 61 6C 5F 31 2E
ATR: 3B 7F 18 00 00 80 59 49 44 65 61 59 49 44 65 61 6C 5F 31 2E
+ TS = 3B --> Direct Convention
+ T0 = 7F, Y(1): 0111, K: 15 (historical bytes)
TA(1) = 18 --> Fi=372, Di=12, 31 cycles/ETU
129032 bits/s at 4 MHz, fMax for Fi = 5 MHz => 161290 bits/s
TB(1) = 00 --> VPP is not electrically connected
TC(1) = 00 --> Extra guard time: 0
+ Historical bytes: 80 59 49 44 65 61 59 49 44 65 61 6C 5F 31 2E
Category indicator byte: 80 (compact TLV data object)
Tag: 5, len: 9 (card issuer's data)
Card issuer data: 49 44 65 61 59 49 44 65 61
Tag: 6, len: C (pre-issuing data)
Data: 5F 31 2E
Possibly identified card (using /home/raul/.smartcard_list.txt):
3B 7F 18 00 00 80 59 49 44 65 61 59 49 44 65 61 6C 5F 31 2E
e-CNPJ issued by Fenacon (eID)
http://www.fenacon.org.br
Thanks For All Help.
On Mon, Dec 16, 2013 at 5:28 PM, Douglas E. Engert
<deeng...@anl.gov <mailto:deeng...@anl.gov>> wrote:
On 12/16/2013 11:46 AM, Raul Rosetto Munoz wrote:
Hello,
That's my first time that I really need to understand how
the smart card works.
First of all I have with me a Brazilian Digital Document
called e-CPF, this card is an Version V2 with 2048 bits
and is part of IPC-BRAZIL.
Every thing start because I need to sign my device serial
number with my smart card, in the documentation that I
need to follow just say that I need sign a number like
"290953052" and after sign I
need to get an data string in base64, followed the PKCS
#1 version 1.5.
My First question, there is an chance to outsource the
private key inside the smart card?
No. That is the point of a smart card, the private key can
not be read.
It can only be used for decryption or signing. (The public
key in a certificate
is used for encryption or verifying signatures.)
(The issuer of the card may be able to read it, but not
ordinary users.)
I asked that because if I get the private key I can do
that using openssl.
You might be able to use OpenSSL, if the card has an
openssl engine or
the card has a PKCS#11 library. (OpenSC has an openssl_engine
for use with PKCS#11.)
OpenSC also has PKCS#11 for some cards. Not clear if the
e-cnpj is supported or not.
People have asked in the past.
https://github.com/OpenSC/OpenSC/wiki
https://github.com/OpenSC/OpenSC/wiki/Supported-hardware-%28smart-cards-and-USB-tokens%29
Google for: opensc smart card e-cnpj
But if this happen I cant see an reason for smart cards
work well.
Im sorry to ask this basics questions but I realy got
difficult to find informations.
Thanks For All Help!
--
*Raul Rosetto Muñoz*
_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
<mailto:Muscle@lists.musclecard.com>
http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com
--
Douglas E. Engert <deeng...@anl.gov <mailto:deeng...@anl.gov>>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com <mailto:Muscle@lists.musclecard.com>
http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com
--
*Raul Rosetto Muñoz*
_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com <mailto:Muscle@lists.musclecard.com>
http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com
_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com <mailto:Muscle@lists.musclecard.com>
http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com
--
*Raul Rosetto Muñoz*
_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com
_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com
